Vulnerability Details CVE-2024-44676
eladmin v2.7 and before is vulnerable to Cross Site Scripting (XSS) which allows an attacker to execute arbitrary code via LocalStoreController. java.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.0%
CVSS Severity
CVSS v3 Score 4.8
References
- https://github.com/elunez/eladmin
- https://github.com/jcxj/jcxj/blob/master/source/_posts/eladmin-%E5%A4%8D%E7%8E%B0.md
- https://github.com/l1uyi/cve-list/blob/main/cve-list/eladmin-CVE-2024-44676_CVE-2024-44677.md
- https://github.com/l1uyi/cve-list/blob/main/cve-list/eladmin-CVE-2024-44676_CVE-2024-44677.md